<?php
//----------------------------------------------USERS
function edit_bckuser($config,$param){
	$uname = trim($param['unameed']);
	$newpass = md5(strtolower(trim($param['newpass'])));
	$olpass = md5(strtolower(trim($param['olpass'])));
	$id = $param['id'];
	$db = new db($config);
	$que = "SELECT * FROM user WHERE username = '".$_SESSION['logged']['username']."' AND password = '$olpass'";
	$db->query($que);
	if ($db->rowCount()>0){
		$que = "UPDATE user SET username = '$uname', password = '$newpass' WHERE idUser='$id' AND password='$olpass'";
		echo $que;
		$db->exec($que);
		$_SESSION['editted'] = 'Sukses ubah user';
		$_SESSION['logged']['username'] = $uname;
	}else
		$_SESSION['editted'] = 'Gagal ubah user';
	header('Location: '.$config['home_url']."backend/pengguna");
}
function add_bckuser($config,$param){
	$uname = trim($param['uname']);
	$pwd = md5(strtolower(trim($param['pass'])));
	$db = new db($config);
	$que = "INSERT INTO user (username,password,role) VALUES ('$uname','$pwd',0)";
	echo $que;
	$db->exec($que);
	if ($db->lastInsertId()>0)
		$_SESSION['editted'] = 'Sukses tambah user';
	else
		$_SESSION['editted'] = 'Gagal tambah user';
	header('Location: '.$config['home_url']."backend/pengguna");
}
function del_bckuser($config,$param){
	$id = $param['id'];
	$db = new db($config);
	$que = "DELETE FROM user WHERE idUser = $id";
	echo $que;
	$db->exec($que);
	$_SESSION['editted'] = 'Sukses hapus user';
	header('Location: '.$config['home_url']."backend/pengguna");
}
